aka

package

v1.2.1 Latest Latest Go to latest Published: Aug 20, 2020 License: BSD-3-Clause Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/go-magma/magma

Links

Open Source Insights

Documentation ¶

Overview ¶

package aka implements EAP-AKA provider

package aka implements EAP-AKA EAP Method

Package handlers provided AKA Response handlers for supported AKA subtypes ¶

package servce implements EAP-AKA GRPC service

Index ¶

Constants
func AppendMac(p eap.Packet, K_aut []byte) (eap.Packet, error)
func EapErrorRes(id uint8, code uint16, rpcCode codes.Code, ctx *aaa.Context, f string, ...) (*protos.Eap, error)
func EapErrorResPacket(id uint8, code uint16, rpcCode codes.Code, f string, a ...interface{}) (eap.Packet, error)
func EapErrorResPacketWithMac(id uint8, code uint16, K_aut []byte, rpcCode codes.Code, f string, ...) (eap.Packet, error)
func Error(code codes.Code, err error) error
func Errorf(code codes.Code, format string, a ...interface{}) error
func GSum(h *[5]uint32, data []byte) []byte
func GenMac(data, K_aut []byte) []byte
func HmacSha1(data, key []byte) []byte
func MK(identity, IK, CK []byte) []byte
func MakeAKAKeys(identity, IK, CK []byte) (K_encr, K_aut, MSK, EMSK []byte)
func NewAKANotificationReq(identifier uint8, code uint16) eap.Packet
func NewIdentityReq(identifier uint8, attr eap.AttrType) eap.Packet
func XSum(xkey []byte) []byte
type AkaState
type IMSI
- func (i IMSI) Validate() error
type Subtype

Constants ¶

View Source

const (
	TYPE           = uint8(protos.EapType_AKA)
	MIN_PACKET_LEN = eap.EapSubtype

	EapAkaServiceName = "eap_aka"
)

View Source

const (
	// AKA Attributes
	AT_RAND eap.AttrType = iota + 1
	AT_AUTN
	AT_RES
	AT_AUTS

	AT_PADDING
	AT_NONCE_MT

	AT_PERMANENT_ID_REQ
	AT_MAC
	AT_NOTIFICATION
	AT_ANY_ID_REQ
	AT_IDENTITY
	AT_VERSION_LIST
	AT_SELECTED_VERSION
	AT_FULLAUTH_ID_REQ

	AT_COUNTER
	AT_COUNTER_TOO_SMALL
	AT_NONCE_S
	AT_CLIENT_ERROR_CODE              // 22
	AT_IV                eap.AttrType = 129
	AT_ENCR_DATA         eap.AttrType = 130
	AT_NEXT_PSEUDONYM    eap.AttrType = 132
	AT_NEXT_REAUTH_ID    eap.AttrType = 133
	AT_CHECKCODE         eap.AttrType = 134
	AT_RESULT_IND        eap.AttrType = 135
)

View Source

const (
	// AKA Notification Codes
	NOTIFICATION_FAILURE_AUTH   uint16 = 0
	NOTIFICATION_FAILURE        uint16 = 16384
	NOTIFICATION_SUCCESS        uint16 = 32768
	NOTIFICATION_ACCESS_DENIED  uint16 = 1026
	NOTIFICATION_NOT_SUBSCRIBED uint16 = 1031
)

View Source

const (
	// IMSI Consts
	MinImsiLen = 6
	MaxImsiLen = 16
)

View Source

const (
	ATT_HDR_LEN = 4
	AUTN_LEN    = 16
	RAND_LEN    = 16
	RandAutnLen = RAND_LEN + AUTN_LEN
	MAC_LEN     = 16

	AT_RAND_ATTR_LEN = AUTN_LEN + ATT_HDR_LEN
	AT_AUTN_ATTR_LEN = RAND_LEN + ATT_HDR_LEN
	AT_MAC_ATTR_LEN  = MAC_LEN + ATT_HDR_LEN

	DefaultChallengeTimeout            = time.Second * 20
	DefaultErrorNotificationTimeout    = time.Second * 10
	DefaultSessionTimeout              = time.Hour * 12
	DefaultSessionAuthenticatedTimeout = time.Second * 5
)

Variables ¶

This section is empty.

Functions ¶

func AppendMac ¶

func AppendMac(p eap.Packet, K_aut []byte) (eap.Packet, error)

AppendMac appends AT_MAC attribute to eap npacket, signs the packet & returns the new, signed packet returns error if provided EAP Packet was malformed

func EapErrorRes ¶

func EapErrorRes(
	id uint8, code uint16,
	rpcCode codes.Code,
	ctx *aaa.Context,
	f string, a ...interface{}) (*protos.Eap, error)

func EapErrorResPacket ¶

func EapErrorResPacket(id uint8, code uint16, rpcCode codes.Code, f string, a ...interface{}) (eap.Packet, error)

func EapErrorResPacketWithMac ¶

func EapErrorResPacketWithMac(id uint8, code uint16, K_aut []byte, rpcCode codes.Code, f string, a ...interface{}) (eap.Packet, error)

func Error ¶

func Error(code codes.Code, err error) error

func Errorf ¶

func Errorf(code codes.Code, format string, a ...interface{}) error

func GSum ¶

func GSum(h *[5]uint32, data []byte) []byte

GSum SHA-1 based G function digest from FIPS Publication 186-2.

func GenMac ¶

func GenMac(data, K_aut []byte) []byte

GenMac calculates AKA MAC given data & K_auth (see: https://tools.ietf.org/html/rfc4187#section-10.15)

func MK ¶

func MK(identity, IK, CK []byte) []byte

MK calculates & returns AKA Master Key: MK = SHA1(Identity|IK|CK)

func MakeAKAKeys ¶

func MakeAKAKeys(identity, IK, CK []byte) (K_encr, K_aut, MSK, EMSK []byte)

MakeAKAKeys returns generated K_encr, K_aut, MSK, EMSK keys for AKA Authentication (RFC 4187, section 7)

func NewAKANotificationReq ¶

func NewAKANotificationReq(identifier uint8, code uint16) eap.Packet

func NewIdentityReq ¶

func NewIdentityReq(identifier uint8, attr eap.AttrType) eap.Packet

func XSum ¶

func XSum(xkey []byte) []byte

XSum generates 160 byte long byte slice of concatenated x_0..X_3 calculated according to RFC 4187, Appendix A * * let XKEY := MK, * * Step 3: For j = 0 to 3 do * a. XVAL = XKEY * b. w_0 = SHA1_Based_G(XVAL) * c. XKEY = (1 + XKEY + w_0) mod 2^160 * d. XVAL = XKEY * e. w_1 = SHA1_Based_G(XVAL) * f. XKEY = (1 + XKEY + w_1) mod 2^160 * 3.3 x_j = w_0|w_1

Types ¶

type AkaState ¶

type AkaState int16

const (
	// Processing/handling States
	StateNone          AkaState = iota
	StateCreated                // newly created
	StateIdentity               // Valid permanent identity received
	StateChallenge              // Auth Challenge was returned to UE
	StateAuthenticated          // UE is successfully authenticated
)

type IMSI ¶

type IMSI string

func (IMSI) Validate ¶

func (i IMSI) Validate() error

type Subtype ¶

type Subtype uint8

const (
	SubtypeChallenge Subtype
	SubtypeAuthenticationReject

	SubtypeSynchronizationFailure
	SubtypeIdentity
	SubtypeNotification     Subtype = 12
	SubtypeReauthentication Subtype = 13
	SubtypeClientError      Subtype = 14
)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
eap_aka Package main implements Magma EAP AKA Service	Package main implements Magma EAP AKA Service
metrics
provider package aka implements EAP-AKA provider Package aka implements EAP-AKA provider	package aka implements EAP-AKA provider Package aka implements EAP-AKA provider
servicers package servcers implements EAP-AKA GRPC service package servcers implements EAP-AKA GRPC service package servicers implements EAP-AKA GRPC service	package servcers implements EAP-AKA GRPC service package servcers implements EAP-AKA GRPC service package servicers implements EAP-AKA GRPC service
handlers Package handlers provided AKA Response handlers for supported AKA subtypes Package handlers provided AKA Response handlers for supported AKA subtypes Package handlers provided AKA Response handlers for supported AKA subtypes Package handlers provided AKA Response handlers for supported AKA subtypes	Package handlers provided AKA Response handlers for supported AKA subtypes Package handlers provided AKA Response handlers for supported AKA subtypes Package handlers provided AKA Response handlers for supported AKA subtypes Package handlers provided AKA Response handlers for supported AKA subtypes

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Documentation ¶

Overview ¶

Package handlers provided AKA Response handlers for supported AKA subtypes ¶

Index ¶

Constants ¶

Variables ¶

Functions ¶

func AppendMac ¶

func EapErrorRes ¶

func EapErrorResPacket ¶

func EapErrorResPacketWithMac ¶

func Error ¶

func Errorf ¶

func GSum ¶

func GenMac ¶

func HmacSha1 ¶

func MK ¶

func MakeAKAKeys ¶

func NewAKANotificationReq ¶

func NewIdentityReq ¶

func XSum ¶

Types ¶

type AkaState ¶

type IMSI ¶

func (IMSI) Validate ¶

type Subtype ¶

Source Files ¶

Directories ¶